Resetting the Luna Network HSM to Factory Condition

These instructions will allow you to restore your Luna Network HSM to its original factory configuration. The HSM is zeroized, all partitions erased, and HSM policies are returned to their default settings. If you have performed firmware and appliance software updates, those remain in place, and are not affected by this procedure.

To revert to a baseline appliance software/firmware, see Re-Imaging the Appliance to Factory Baseline.

To roll back the HSM firmware to the previous version, see Rolling Back the Luna HSM Firmware.

For eIDAS compliance, 'hsmrecover' function is added to factoryreset commands - see Stored Data Integrity.  

The standalone "hsmrecover" tool in the tools folder performs the same action, but can present additional messages that might be useful to Support engineers.

Prerequisites

>Only the HSM SO can perform factory reset.

>If you have STC enabled on the HSM, disable it by turning off HSM policy 39 before continuing (see Setting HSM Policies Manually).

>You must access LunaSH via a serial console to execute hsm factoryreset.

To reset the HSM to factory condition

1.Login as HSM SO.

lunash:> hsm login

2.Reset the HSM to factory settings.

lunash:> hsm factoryreset

3.Reset the appliance configuration (network settings, ssh, ntls, etc.) to factory settings.

lunash:> sysconf config factoryreset -service all

4.Reboot the appliance.